0

I want to share a page with clients over mail which is something like this:

https://blabla.com/docket/2443

but if I do so they can access all other pages by just changing the docket no. i.e. 2443 in this case. I tried to use tiny-url but it's of no use. Is there any way to mask the URL to solve the above problem?

Rahul Sharma
  • 2,187
  • 6
  • 31
  • 76

1 Answers1

0

There are multiple solutions to that problem.

  1. If that endpoint requires a login and related to a User, you can add permissions to that endpoint which makes it only accessible for the user(s) who are related to it.

  2. If it is a public URL, You can make the id more sophisticated than an integer, you can make the id field a UUIDField, which makes it really hard to guess any other dockets ids.

Radwan Abu-Odeh
  • 1,897
  • 9
  • 16
  • I have already created 2000+ dockets so if i add an `UUID` field then how do i fill all of them ? – Rahul Sharma Dec 09 '20 at 09:46
  • `id = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)`, now run `python manage.py makemigrations`, then `python manage.py migrate`, it will run the default value for the previously created records. You can test it locally to make sure it is not going to harm your data. – Radwan Abu-Odeh Dec 09 '20 at 09:49
  • I just ran the migrations and it says ` - Remove field id from allotment - Add field uid to allotment` I have used id multiple times in my code. Can we add `UUID` without deleting the `id` – Rahul Sharma Dec 09 '20 at 09:59
  • `id = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)`, this should do, you have to specify that this field is a `primary_key` – Radwan Abu-Odeh Dec 09 '20 at 10:21
  • It was True in the above code.. it tries to remove the `id – Rahul Sharma Dec 09 '20 at 11:03